diff options
author | Davide Ornaghi <d.ornaghi97@gmail.com> | 2024-06-05 13:03:45 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2024-06-11 18:46:04 +0200 |
commit | c4ab9da85b9df3692f861512fe6c9812f38b7471 (patch) | |
tree | 40f367fd39317bc07a0eed8f9947c0e6e711ca83 /net/netfilter/ipset | |
parent | 36534d3c54537bf098224a32dc31397793d4594d (diff) |
netfilter: nft_inner: validate mandatory meta and payload
Check for mandatory netlink attributes in payload and meta expression
when used embedded from the inner expression, otherwise NULL pointer
dereference is possible from userspace.
Fixes: a150d122b6bd ("netfilter: nft_meta: add inner match support")
Fixes: 3a07327d10a0 ("netfilter: nft_inner: support for inner tunnel header matching")
Signed-off-by: Davide Ornaghi <d.ornaghi97@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/ipset')
0 files changed, 0 insertions, 0 deletions